JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a01:4f8:c012:c350::1

2a01:4f8:c012:c350::1 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 52%: ?

52%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a01:4f8:c012:c350::1

Whois 2a01:4f8:c012:c350::1

IP Abuse Reports for 2a01:4f8:c012:c350::1:

This IP address has been reported a total of 14 times from 8 distinct sources. 2a01:4f8:c012:c350::1 was first reported on June 15th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-16 05:14:45 (2 days ago)	18 attacks on env grabbing URLs: GET /project/.env HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-06-15 18:45:20 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:45:13.045484 2026] [security2:error] [pid 22451:tid 22451] [client 2a01:4f8:c012:c350::1:43338] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emmlogistics.com"] [uri "/.env"] [unique_id "ajBIOaKUy615EVvns8sUeAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 18:17:58 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:17:54.709707 2026] [security2:error] [pid 5692:tid 5710] [client 2a01:4f8:c012:c350::1:57896] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "worldecom.org"] [uri "/project/.env"] [unique_id "ajBB0kJL5NNqEo5nZs7QMwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-15 18:10:31 (3 days ago)	[MonJun1520:10:28.7432722026][security2:error][pid72772:tid72922][client2a01:4f8:c012:c350::1:0]ModS ... show more [MonJun1520:10:28.7432722026][security2:error][pid72772:tid72922][client2a01:4f8:c012:c350::1:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"cxservices.ch\"][uri\"/api/.env\"][unique_id\"ajBAFDVzCSaofMNQw-JgmwAAANQ\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:08:26 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:08:19.561535 2026] [security2:error] [pid 7426:tid 7426] [client 2a01:4f8:c012:c350::1:43380] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dreamscometruefilms.com"] [uri "/project/.env"] [unique_id "ajAxgxyTQKg7yvfXq0qKtwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:18:19 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:18:15.865636 2026] [security2:error] [pid 1984:tid 1984] [client 2a01:4f8:c012:c350::1:57154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kozyramodularhomebuilder.com"] [uri "/.env"] [unique_id "ajAlx2NtZWh66Yy5cHwrrwAAAHY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-15 16:06:02 (3 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:01:26 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:01:21.399395 2026] [security2:error] [pid 15572:tid 15572] [client 2a01:4f8:c012:c350::1:39460] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathiehazlett.com"] [uri "/project/.env"] [unique_id "ajAh0bBqodkDnq1ZFGmABwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-15 12:34:36 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-15 12:15:18 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:15:12.335205 2026] [security2:error] [pid 360:tid 360] [client 2a01:4f8:c012:c350::1:38760] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buyperfumeonline.net"] [uri "/api/.env"] [unique_id "ai_s0GHqfVvI7SUkOegpPQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-15 12:12:50 (3 days ago)	Multiple WAF Violations	Web App Attack
🇧🇪 cmbplf	2026-06-15 11:34:06 (3 days ago)	4.931 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 08:34:25 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:c012:c350::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:34:16.911604 2026] [security2:error] [pid 2382:tid 2382] [client 2a01:4f8:c012:c350::1:47720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "megastorebuilders.info"] [uri "/.env"] [unique_id "ai-5CPhS3xHAqAM5ao_XJAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-06-15 08:33:54 (3 days ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.76.184.79

🇮🇩 165.154.151.176

🇮🇳 139.59.5.119

🇨🇳 118.186.7.10

🇰🇪 102.210.149.105

🇸🇪 80.244.95.82

🇮🇷 2.188.33.24

🇷🇺 212.3.155.8

🇨🇳 183.196.80.242

🇷🇺 176.97.160.170

🇺🇸 143.244.47.86

🇭🇰 119.246.15.94

🇩🇪 213.209.159.235

🇧🇬 185.55.229.75

🇷🇺 176.97.160.73

🇫🇮 147.185.133.86

🇨🇳 112.20.160.110

🇷🇴 92.118.39.59

🇺🇸 66.132.172.132

🇧🇩 45.248.151.106